CVE-2024-8424 – WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM
https://notcve.org/view.php?id=CVE-2024-8424
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions. This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017 • CWE-269: Improper Privilege Management •
CVE-2023-26236
https://notcve.org/view.php?id=CVE-2023-26236
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Debido a una implementación débil del manejo de mensajes entre los procesos de WatchGuard EPDR, es posible realizar una escalada de privilegios locales en Windows enviando un mensaje manipulado a un pipe conocido. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00004 • CWE-269: Improper Privilege Management •
CVE-2023-26239
https://notcve.org/view.php?id=CVE-2023-26239
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Debido a una implementación débil de la verificación de contraseña, es posible obtener credenciales para acceder a la consola de administración como usuario sin privilegios. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007 • CWE-273: Improper Check for Dropped Privileges •
CVE-2023-26237
https://notcve.org/view.php?id=CVE-2023-26237
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Es posible evitar las capacidades defensivas agregando una clave de registro como SYSTEMA. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00005 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2023-26238
https://notcve.org/view.php?id=CVE-2023-26238
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Es posible habilitar o deshabilitar capacidades defensivas enviando un mensaje manipulado a un pipe conocido. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00006 •